r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15587
Expires: Wed, 07 Dec 2022 03:51:55 GMT
Date: Tue, 06 Dec 2022 23:32:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4526
Expires: Wed, 07 Dec 2022 00:47:34 GMT
Date: Tue, 06 Dec 2022 23:32:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 8
Cache-Control: max-age=125958
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:32:08 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 10:31:26 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hypBygwbX6fWvzviNL3hzfftyRUQ/8ia2qiFmUqO8yybJeoVzxUpuMhbm3wRt+tMxmzitAPNnJk=
x-amz-request-id: P9PCS9C871VZZMJ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 22:49:08 GMT
age: 2580
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 23:20:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 702
alt-svc: clear
X-Firefox-Spdy: h2
dongtaitu.com/
107.149.149.77 301 Moved Permanently 0 B IP 107.149.149.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: dongtaitu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Dec 2022 23:32:20 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.dongtaitu.com/index.php
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:32:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 23:08:58 GMT
cache-control: public,max-age=3600
age: 1390
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.dongtaitu.com/index.php
107.149.149.77 200 OK 726 B URL HTTP/1.1 www.dongtaitu.com/index.php
IP 107.149.149.77:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (802), with CRLF line terminators
Hash c94ece6be611877207b786b9884e6d50
477fb7a0fbae6b726e8f4f3e9e9a7c1bb6fed1a5
880957d65641867684c5932189129691d7b5f42a7143724ad9a8175a3ee274cd
GET /index.php HTTP/1.1
Host: www.dongtaitu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 23:32:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6590
Cache-Control: max-age=127471
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:32:09 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 10:56:40 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
www.dongtaitu.com/common.js
107.149.149.77 200 OK 686 B URL HTTP/1.1 www.dongtaitu.com/common.js
IP 107.149.149.77:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Hash e9497bb638cb36519eb8ac6672a94af5
6403d0e57cb8156db1d4a1ede1008f2441e23440
c16bfb1b0f820326ec6b4af88599af3d54031a17d92d2c99a13ad7ee64ebc489
GET /common.js HTTP/1.1
Host: www.dongtaitu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dongtaitu.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 23:32:21 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.dongtaitu.com/tj.js
107.149.149.77 200 OK 102 B IP 107.149.149.77:0
File type HTML document, ASCII text, with no line terminators
Hash 147866ba5ecc2a4113c1010bdc699838
f9d6562cb2c699ad5a7218ef77349733fe66f0f7
dfb78cf7599195f22883d707678df98a3393a87ff8054c47694d769664652dac
GET /tj.js HTTP/1.1
Host: www.dongtaitu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dongtaitu.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 23:32:21 GMT
Content-Type: application/x-javascript
Content-Length: 102
Connection: keep-alive
push.services.mozilla.com/
35.83.91.138 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.91.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MrRoL+uSmzHK2Ofv28cULw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NUZqBtbif577R6I+tJUs4933wIk=
137.175.91.7/
137.175.91.7 200 OK 8.1 kB IP 137.175.91.7:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash bc2895acb67546e256f1843fb6a49c85
6c02954d891384b752539d2c819b8c150d4acc45
69c35e7e54d0757bf5918bcb3e5623d9f88304316c9e660cdf758f72790aa74f
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 137.175.91.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dongtaitu.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.0.33, ASP.NET
Date: Tue, 06 Dec 2022 23:32:08 GMT
Content-Length: 8129
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14790
Expires: Wed, 07 Dec 2022 03:38:39 GMT
Date: Tue, 06 Dec 2022 23:32:09 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8084268f9be232cde61eef42bd20985d
ad4f4370be8975f92959ae714f701f5b757fafac
d986936df62ec49b554d6b9d4afef30fec4d3dcddea1c9bdb4807695e464bd49
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D986936DF62EC49B554D6B9D4AFEF30FEC4D3DCDDEA1C9BDB4807695E464BD49"
Last-Modified: Mon, 05 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14790
Expires: Wed, 07 Dec 2022 03:38:39 GMT
Date: Tue, 06 Dec 2022 23:32:09 GMT
Connection: keep-alive
lbfm.lbpictupian.com/upload/vod/2020/05-23/00/wehpf5usmbb0006wehpf5usmbb129773.jpg
172.67.28.138 200 OK 5.8 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-23/00/wehpf5usmbb0006wehpf5usmbb129773.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 00e6689cc040901e306126dad79c84de
b4359f0ef31a2c9bd19edf420c0b34a74dd408ea
49fcd417bea182db554d605f908281ef049562111a7e581c8fdaed5431e0139e
GET /upload/vod/2020/05-23/00/wehpf5usmbb0006wehpf5usmbb129773.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 5830
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6964
content-disposition: inline; filename="wehpf5usmbb0006wehpf5usmbb129773.webp"
etag: "5ec7f874-1b34"
last-modified: Fri, 22 May 2020 16:06:12 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9ecfb0b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2021/06-22/17/dved4adsgii1748dved4adsgii454709.jpg
172.67.28.138 200 OK 14 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2021/06-22/17/dved4adsgii1748dved4adsgii454709.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash bde13ce58faad2eed312fd03bb54a17e
acd76271b2c42388985cd2b2a91a88997ba3575f
37a48a3a15b6f5b3547bfaf0cbe7a3e178929ce3ca9316880988c614ae25839d
GET /upload/vod/2021/06-22/17/dved4adsgii1748dved4adsgii454709.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/jpeg
content-length: 14390
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=14536, status=webp_bigger
etag: "60d1b1fe-38c8"
last-modified: Tue, 22 Jun 2021 09:48:46 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758d1b9fd070b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-27/06/ewah0q5pyje0602ewah0q5pyje3819232.jpg
172.67.28.138 200 OK 9.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-27/06/ewah0q5pyje0602ewah0q5pyje3819232.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b71a46d9f555f903e95830b4697fba84
2a823befc5f564466f761dc8e3440fca5c95adb5
cee852bc3a2598d46b1901f81790a264d21ed3c5a2c3295ead8135d76d01d307
GET /upload/vod/2020/04-27/06/ewah0q5pyje0602ewah0q5pyje3819232.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 9602
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=10419
content-disposition: inline; filename="ewah0q5pyje0602ewah0q5pyje3819232.webp"
etag: "5ea604fe-28b3"
last-modified: Sun, 26 Apr 2020 22:02:38 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9ecf50b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-27/06/ektxmcfvj5s0602ektxmcfvj5s3719225.jpg
172.67.28.138 200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-27/06/ektxmcfvj5s0602ektxmcfvj5s3719225.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 119d41bb116833653019e031a29a4c23
ab8ab855cd07c0776d71747c63eb7f999dad6dfd
e3b1ada74a4e8bdcb4073418c2db869770f29ee1b798574a46aa7af44f4d1fb9
GET /upload/vod/2020/04-27/06/ektxmcfvj5s0602ektxmcfvj5s3719225.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/jpeg
content-length: 10863
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11443, status=webp_bigger
etag: "5ea604fd-2cb3"
last-modified: Sun, 26 Apr 2020 22:02:37 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758d1b9ecf70b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-23/00/mg45brbfafp0006mg45brbfafp209791.jpg
172.67.28.138 200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-23/00/mg45brbfafp0006mg45brbfafp209791.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9fac7fc6086e13d727ff2349ffe7a392
1cf63b37dc886431ddc16a0153cb7bbc7c8c7b43
2d04d63cc96e995ecc1ad69da8e3b9e3900b303d0c3347cc8729809df018f664
GET /upload/vod/2020/05-23/00/mg45brbfafp0006mg45brbfafp209791.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 11462
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12097
content-disposition: inline; filename="mg45brbfafp0006mg45brbfafp209791.webp"
etag: "5ec7f87c-2f41"
last-modified: Fri, 22 May 2020 16:06:20 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9ecf90b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-23/00/ptt3hbzns2j0006ptt3hbzns2j199789.jpg
172.67.28.138 200 OK 4.1 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-23/00/ptt3hbzns2j0006ptt3hbzns2j199789.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7d34cab6143334db3a68af26701aa87a
c713504e420591f4c0b65e22e092151173ac8481
e7a9eab6032fd4add0b02469d7435f160a1b0adcb1ac2685632ae7bec9752025
GET /upload/vod/2020/05-23/00/ptt3hbzns2j0006ptt3hbzns2j199789.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 4116
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5888
content-disposition: inline; filename="ptt3hbzns2j0006ptt3hbzns2j199789.webp"
etag: "5ec7f87b-1700"
last-modified: Fri, 22 May 2020 16:06:19 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9ecf80b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2021/06-22/17/lcrpwj4fu5d1750lcrpwj4fu5d074869.jpg
172.67.28.138 200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2021/06-22/17/lcrpwj4fu5d1750lcrpwj4fu5d074869.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4fd3acbdbc17780dfb373405d3ce586d
848cacd6602d966fe648d52a105b8b496282cf82
b2b96d38ae496c7cfebf6cac514ee8d4f4f7d9cd29c0d567d2f08423b4d17246
GET /upload/vod/2021/06-22/17/lcrpwj4fu5d1750lcrpwj4fu5d074869.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 7682
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8781
content-disposition: inline; filename="lcrpwj4fu5d1750lcrpwj4fu5d074869.webp"
etag: "60d1b24f-224d"
last-modified: Tue, 22 Jun 2021 09:50:07 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9fcfd0b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-28/06/joazsacztsq0604joazsacztsq0922938.jpg
172.67.28.138 200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-28/06/joazsacztsq0604joazsacztsq0922938.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash be3796e372df4e1f6dc854ae3df50b03
ad86ac2c6dde96800aad3bc30a56ad7f700dd127
a4832e8b7cc280b8554f10f6eb3e32635b0a0eefb46baf89e4345d3c30ec9f3e
GET /upload/vod/2020/04-28/06/joazsacztsq0604joazsacztsq0922938.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/jpeg
content-length: 10887
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11434, status=webp_bigger
etag: "5ea756d9-2caa"
last-modified: Mon, 27 Apr 2020 22:04:09 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758d1b9ecf40b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-23/00/vmxfpv1lcqj0006vmxfpv1lcqj169781.jpg
172.67.28.138 200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-23/00/vmxfpv1lcqj0006vmxfpv1lcqj169781.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash fa26d8d483562f53cb9fbc220e8cb930
35c679c2163ac54f837c922c3806d46feef4a55e
ba243fcea3efd3692604121699a5c68fd9201df443b055e91d5a2e9965de72d2
GET /upload/vod/2020/05-23/00/vmxfpv1lcqj0006vmxfpv1lcqj169781.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/jpeg
content-length: 12364
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12896, status=webp_bigger
etag: "5ec7f878-3260"
last-modified: Fri, 22 May 2020 16:06:16 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758d1b9fd010b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2021/06-22/17/t5m4g05pbf51750t5m4g05pbf5154892.jpg
172.67.28.138 200 OK 4.0 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2021/06-22/17/t5m4g05pbf51750t5m4g05pbf5154892.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9ee79c42dd91cec013e33db9d50f8496
2da35c6e33e19dae1515f9c06b3294f058c6525d
2793b86b4acf017026ead1c134e270957df80e3bfa8fd4a466f9d6db18a20c33
GET /upload/vod/2021/06-22/17/t5m4g05pbf51750t5m4g05pbf5154892.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 3990
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6668
content-disposition: inline; filename="t5m4g05pbf51750t5m4g05pbf5154892.webp"
etag: "60d1b257-1a0c"
last-modified: Tue, 22 Jun 2021 09:50:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9fd030b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2021/06-22/17/avqsrfcrsia1750avqsrfcrsia094875.jpg
172.67.28.138 200 OK 4.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2021/06-22/17/avqsrfcrsia1750avqsrfcrsia094875.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c6f9d0c83b3ec47d810ff148d174378
5eaf6946644a2ef3e6b1d0f896182f4f2f51900e
1e33a0f30e72053e4246999f8a4712234acb222fa4c2d9d6c360e0eebecd66ca
GET /upload/vod/2021/06-22/17/avqsrfcrsia1750avqsrfcrsia094875.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 4206
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8363
content-disposition: inline; filename="avqsrfcrsia1750avqsrfcrsia094875.webp"
etag: "60d1b251-20ab"
last-modified: Tue, 22 Jun 2021 09:50:09 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9ecfc0b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2021/06-22/17/x1vrndpxm3q1750x1vrndpxm3q054865.jpg
172.67.28.138 200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2021/06-22/17/x1vrndpxm3q1750x1vrndpxm3q054865.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 30d0c8eb7d53a63bfc378f5a040b545f
b858b05705b8288a79aa44dea8a9b43364c7394b
16a2e43cdf081575810e6447a5e6a23a5840a750f27b8aeb4a3f975f33e28c86
GET /upload/vod/2021/06-22/17/x1vrndpxm3q1750x1vrndpxm3q054865.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 10876
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12716
content-disposition: inline; filename="x1vrndpxm3q1750x1vrndpxm3q054865.webp"
etag: "60d1b24d-31ac"
last-modified: Tue, 22 Jun 2021 09:50:05 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9fd060b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-23/00/twxr0u3jabk0006twxr0u3jabk159779.jpg
172.67.28.138 200 OK 6.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-23/00/twxr0u3jabk0006twxr0u3jabk159779.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b00fc7af34d38593ba10f1a417be1ab6
77122460597287a12736cd48084c3f5d7dafcd4c
1e0c06e095d177e19512b59996fe476b8aa9fcbaab6340b597c074c6cfa20536
GET /upload/vod/2020/05-23/00/twxr0u3jabk0006twxr0u3jabk159779.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 6708
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=7952
content-disposition: inline; filename="twxr0u3jabk0006twxr0u3jabk159779.webp"
etag: "5ec7f877-1f10"
last-modified: Fri, 22 May 2020 16:06:15 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9fd000b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2021/06-22/17/2dqqr2aerjr17502dqqr2aerjr144888.jpg
172.67.28.138 200 OK 3.2 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2021/06-22/17/2dqqr2aerjr17502dqqr2aerjr144888.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 768d68a3acc1f8ac1e0cb0cca68d2efb
e303e3fb14d75f5e87fbc013375533382c371b4a
db9014ddff2b77f7c5f21e44eda4a627253bf7914056ee3fdf541011d7271f75
GET /upload/vod/2021/06-22/17/2dqqr2aerjr17502dqqr2aerjr144888.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 3222
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5538
content-disposition: inline; filename="2dqqr2aerjr17502dqqr2aerjr144888.webp"
etag: "60d1b256-15a2"
last-modified: Tue, 22 Jun 2021 09:50:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9fd0c0b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-27/06/mr4otldaash0602mr4otldaash3219188.jpg
172.67.28.138 200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-27/06/mr4otldaash0602mr4otldaash3219188.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 1f9d08f6d0523a298e0af5128025c72f
0299237348e28910e12f1e55ea62e1cf113dc516
610ec36307b53cfad09e2f95236183b8e5083b6ad1d9fe45a45158076fdd4674
GET /upload/vod/2020/04-27/06/mr4otldaash0602mr4otldaash3219188.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/jpeg
content-length: 12185
cf-bgj: imgq:85,h2pri
cf-polished: origSize=12735, status=webp_bigger
etag: "5ea604f8-31bf"
last-modified: Sun, 26 Apr 2020 22:02:32 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758d1b9fd0f0b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-27/06/301xvtqffck0602301xvtqffck3619222.jpg
172.67.28.138 200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-27/06/301xvtqffck0602301xvtqffck3619222.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b5b2817bcfb2b05483d566c889e59762
9af9634dc0d0e5461929fa2961e1abbe10b17b07
272ef2d2bd5e75239d373cb02f82091c4a8b0754056bb02f038d955efc7634ee
GET /upload/vod/2020/04-27/06/301xvtqffck0602301xvtqffck3619222.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 10544
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11284
content-disposition: inline; filename="301xvtqffck0602301xvtqffck3619222.webp"
etag: "5ea604fd-2c14"
last-modified: Sun, 26 Apr 2020 22:02:37 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9fd0b0b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-27/06/s4vk5lv5vtj0602s4vk5lv5vtj3619219.jpg
172.67.28.138 200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-27/06/s4vk5lv5vtj0602s4vk5lv5vtj3619219.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c30e03cdbc4e393337a79d8b4e5b7a27
8629e98f7fca300e37357d21784003315f442324
fc71579e8a0d218ee9a8aeea882182b093a741d08eaec6bea278334d756709a6
GET /upload/vod/2020/04-27/06/s4vk5lv5vtj0602s4vk5lv5vtj3619219.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 8624
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9551
content-disposition: inline; filename="s4vk5lv5vtj0602s4vk5lv5vtj3619219.webp"
etag: "5ea604fc-254f"
last-modified: Sun, 26 Apr 2020 22:02:36 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9fd090b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-28/06/pfmexj0vstn0604pfmexj0vstn1022942.jpg
172.67.28.138 200 OK 12 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-28/06/pfmexj0vstn0604pfmexj0vstn1022942.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ba1cee7fdd2357f4015b8e9e962d4642
d9cbea06e5150bdde55032d2fd8362231932dc1f
8900b708c626b9e6bf597f32b903c8d1ffb66f6dc70882eacc8cf6f89fff96b1
GET /upload/vod/2020/04-28/06/pfmexj0vstn0604pfmexj0vstn1022942.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 12326
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=12781
content-disposition: inline; filename="pfmexj0vstn0604pfmexj0vstn1022942.webp"
etag: "5ea756da-31ed"
last-modified: Mon, 27 Apr 2020 22:04:10 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9fd040b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/04-27/06/whsebkqe3ao0602whsebkqe3ao3119182.jpg
172.67.28.138 200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/04-27/06/whsebkqe3ao0602whsebkqe3ao3119182.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 19a2ef8a4182afef97efe21b3b181b27
5aa94af2dd31b456d20e93c765ad8a29228e654d
9324b10cfed7a60155665378cf2261e71734bcfddadcf57bfc299cceca096c5d
GET /upload/vod/2020/04-27/06/whsebkqe3ao0602whsebkqe3ao3119182.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/jpeg
content-length: 11287
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11920, status=webp_bigger
etag: "5ea604f7-2e90"
last-modified: Sun, 26 Apr 2020 22:02:31 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758d1b9fd0e0b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2021/06-22/17/itvq120ndvk1750itvq120ndvk074871.jpg
172.67.28.138 200 OK 4.3 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2021/06-22/17/itvq120ndvk1750itvq120ndvk074871.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fcd0c035f442f697393ae34c82ae5205
43f0cd7e1083cc1bcbddb41599450d22c2aeda0b
97930035df4c5b91a26ae8ad126bc4336b2a8da1cbfccd0e96cb831ed5bbc285
GET /upload/vod/2021/06-22/17/itvq120ndvk1750itvq120ndvk074871.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 4334
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=6472
content-disposition: inline; filename="itvq120ndvk1750itvq120ndvk074871.webp"
etag: "60d1b250-1948"
last-modified: Tue, 22 Jun 2021 09:50:08 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9fd050b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-23/00/njdofovdk210006njdofovdk21149777.jpg
172.67.28.138 200 OK 8.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-23/00/njdofovdk210006njdofovdk21149777.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4c37c0e97f26fee49a6ff6ad904491ce
81cfc5953089ba1fda5f5ccb657251ffe6892ff1
2d86e9c9401e4a4dbaffabfe72922d741c30f4df6b62f4a9fccb6c9acd471700
GET /upload/vod/2020/05-23/00/njdofovdk210006njdofovdk21149777.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 8648
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9401
content-disposition: inline; filename="njdofovdk210006njdofovdk21149777.webp"
etag: "5ec7f876-24b9"
last-modified: Fri, 22 May 2020 16:06:14 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9fcff0b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-23/00/rem1mplqhu40006rem1mplqhu4189787.jpg
172.67.28.138 200 OK 10 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-23/00/rem1mplqhu40006rem1mplqhu4189787.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 0e31e9cd3372627c8ca97b55ef8bffff
5b8594b3ac88ad9a5c7486cec98ad0208e79acf3
761d517364cba5f76d26eb1b21ae8b1414d306a87dc5461b95343ad019c74022
GET /upload/vod/2020/05-23/00/rem1mplqhu40006rem1mplqhu4189787.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/jpeg
content-length: 10303
cf-bgj: imgq:85,h2pri
cf-polished: origSize=10821, status=webp_bigger
etag: "5ec7f87a-2a45"
last-modified: Fri, 22 May 2020 16:06:18 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758d1b9fcfe0b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2020/05-23/00/1myytjgd23u00061myytjgd23u139775.jpg
172.67.28.138 200 OK 11 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2020/05-23/00/1myytjgd23u00061myytjgd23u139775.jpg
IP 172.67.28.138:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 4x3, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 3325e6aa55ff398fc74eb27f968e612a
34ec1fa7d69eeef9c95d86a0a3bcab795684b95b
80cc2ea17738cbf731a772745c7020b56c75665fb84a9cebea6a39c9d3e504d1
GET /upload/vod/2020/05-23/00/1myytjgd23u00061myytjgd23u139775.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/jpeg
content-length: 10891
cf-bgj: imgq:85,h2pri
cf-polished: origSize=11447, status=webp_bigger
etag: "5ec7f875-2cb7"
last-modified: Fri, 22 May 2020 16:06:13 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7758d1b9fd0d0b45-OSL
X-Firefox-Spdy: h2
lbfm.lbpictupian.com/upload/vod/2021/06-22/17/ejgs5b5mhwf1748ejgs5b5mhwf444704.jpg
172.67.28.138 200 OK 3.4 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2021/06-22/17/ejgs5b5mhwf1748ejgs5b5mhwf444704.jpg
IP 172.67.28.138:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 320x240, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1e78ded5c7252fdcc3fe58227358000d
7d6152769521f9dbc2c2b012ed73bc5921a48654
da051ad3a99b43cf7765b92e4f4f7a779aaa6a93740fec646c76633523237508
GET /upload/vod/2021/06-22/17/ejgs5b5mhwf1748ejgs5b5mhwf444704.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:09 GMT
content-type: image/webp
content-length: 3362
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=5625
content-disposition: inline; filename="ejgs5b5mhwf1748ejgs5b5mhwf444704.webp"
etag: "60d1b1fc-15f9"
last-modified: Tue, 22 Jun 2021 09:48:44 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2141
accept-ranges: bytes
server: cloudflare
cf-ray: 7758d1b9fd020b45-OSL
X-Firefox-Spdy: h2
137.175.91.7/template/m1938pc/css/ate.css
137.175.91.7 200 OK 4.5 kB URL HTTP/1.1 137.175.91.7/template/m1938pc/css/ate.css
IP 137.175.91.7:0
File type ASCII text, with CRLF line terminators
Hash 1164a38c5186eff1838f351d96dbd192
1f5c06f7969ca9602774591594b1d4170137cdc3
fec2bebf191e9c67f3ce3234909acb71fa272057962f230dce334cdfd514b3e2
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/css/ate.css HTTP/1.1
Host: 137.175.91.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Sun, 24 Jan 2021 07:28:36 GMT
Accept-Ranges: bytes
ETag: "06ae58622f2d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:09 GMT
Content-Length: 4498
137.175.91.7/template/m1938pc/ads/dh1.js
137.175.91.7 200 OK 220 B URL HTTP/1.1 137.175.91.7/template/m1938pc/ads/dh1.js
IP 137.175.91.7:0
File type HTML document, ASCII text, with no line terminators
Hash a2241f45f363490d3839f9ffc9b92ef5
b0494a2b79aaa45136b2ea63f02d30dcc2c5a763
e7ea29e1910e6d22c5363391f454f7584f58a6d64da830da967c83f311b53e1e
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/dh1.js HTTP/1.1
Host: 137.175.91.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 06 Dec 2022 12:30:16 GMT
Accept-Ranges: bytes
ETag: "3036e07e6e9d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:09 GMT
Content-Length: 220
137.175.91.7/template/m1938pc/ads/xx1.js
137.175.91.7 200 OK 219 B URL HTTP/1.1 137.175.91.7/template/m1938pc/ads/xx1.js
IP 137.175.91.7:0
File type HTML document, ASCII text, with no line terminators
Hash 5b322a96bb6d7e778f60e7e62250ba71
e5c28d6a07d682b8a2c066a486d4c5a48a2eaba1
9a256d6ac2539b4fb3998fc43c06942ac11fd83c342b5c802eeb869dcbd34382
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/xx1.js HTTP/1.1
Host: 137.175.91.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 06 Dec 2022 12:30:16 GMT
Accept-Ranges: bytes
ETag: "8aafde7e6e9d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:09 GMT
Content-Length: 219
137.175.91.7/template/m1938pc/ads/xx2.js
137.175.91.7 200 OK 219 B URL HTTP/1.1 137.175.91.7/template/m1938pc/ads/xx2.js
IP 137.175.91.7:0
File type HTML document, ASCII text, with no line terminators
Hash e6a532fb72c93450c63f15c39c8ab214
e9ed9882bf643385ca135c22762d9fa1b35064bf
5d8a3cce0493313059795d1e05d4f557e98a94f985189851819a8066b214dab4
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/xx2.js HTTP/1.1
Host: 137.175.91.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 06 Dec 2022 12:30:16 GMT
Accept-Ranges: bytes
ETag: "8aafde7e6e9d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:09 GMT
Content-Length: 219
137.175.91.7/template/m1938pc/ads/dh.js
137.175.91.7 200 OK 219 B URL HTTP/1.1 137.175.91.7/template/m1938pc/ads/dh.js
IP 137.175.91.7:0
File type HTML document, ASCII text, with no line terminators
Hash 366c81cba4fd031ec0ae0a9636349bb8
803582682b1e97ac51b7db8283c5ba0004080559
697033fdd5ea3b21eee11d85855394544d77924e3d5ea2ca9eafbfd057a38f7f
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/dh.js HTTP/1.1
Host: 137.175.91.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 06 Dec 2022 12:30:16 GMT
Accept-Ranges: bytes
ETag: "3036e07e6e9d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:09 GMT
Content-Length: 219
137.175.91.7/template/m1938pc/ads/xx3.js
137.175.91.7 200 OK 219 B URL HTTP/1.1 137.175.91.7/template/m1938pc/ads/xx3.js
IP 137.175.91.7:0
File type HTML document, ASCII text, with no line terminators
Hash 0e35c450cb802ba8551d7e0185cb17e8
656802a7474200b35338939265972ea917df76be
0ec5a6ba7781704693ac66bfeebeb0c43732a9409dfeb3867ab172df4e0dadb4
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/xx3.js HTTP/1.1
Host: 137.175.91.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 06 Dec 2022 12:30:16 GMT
Accept-Ranges: bytes
ETag: "3036e07e6e9d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:09 GMT
Content-Length: 219
137.175.91.7/template/m1938pc/css/zui.css
137.175.91.7 200 OK 15 kB URL HTTP/1.1 137.175.91.7/template/m1938pc/css/zui.css
IP 137.175.91.7:0
File type assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 48c376278eb9da985b90bb1612dbeee1
4d755742285a8bc38f9c73b3a5976c6b381e3c32
af7cb37270a26d66dd3bb89f42d9c122bb2a1bfe9f6fe076138d9864c7193bee
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/css/zui.css HTTP/1.1
Host: 137.175.91.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 05:34:19 GMT
Accept-Ranges: bytes
ETag: "807fbf6ef4d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:09 GMT
Content-Length: 15351
137.175.91.7/template/m1938pc/ads/dl.js
137.175.91.7 200 OK 223 B URL HTTP/1.1 137.175.91.7/template/m1938pc/ads/dl.js
IP 137.175.91.7:0
File type HTML document, ASCII text, with no line terminators
Hash 6f4a695d387321fe95639338cbceacb8
94da15174a1e8c9d0bcf64f71c46805b291e7e25
b6bb8f9290f094e5878019cf2204d643ae66e5e66cb52e271cf9d14302f23c24
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/dl.js HTTP/1.1
Host: 137.175.91.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 06 Dec 2022 12:30:16 GMT
Accept-Ranges: bytes
ETag: "2b2add7e6e9d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:09 GMT
Content-Length: 223
137.175.91.7/template/m1938pc/ads/tj.js
137.175.91.7 200 OK 222 B URL HTTP/1.1 137.175.91.7/template/m1938pc/ads/tj.js
IP 137.175.91.7:0
File type HTML document, ASCII text, with CRLF line terminators
Hash ed94ae1c8ae2901055fddc77eb6ecc70
fede1c52b66dcd95ea282064c51c47847c144f6f
51bd247755ec75e711cd349b43c9e641151213cb756b201d28144df948e7be13
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/ads/tj.js HTTP/1.1
Host: 137.175.91.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 06 Dec 2022 12:30:16 GMT
Accept-Ranges: bytes
ETag: "8aafde7e6e9d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:09 GMT
Content-Length: 222
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8297
Expires: Wed, 07 Dec 2022 01:50:27 GMT
Date: Tue, 06 Dec 2022 23:32:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8297
Expires: Wed, 07 Dec 2022 01:50:27 GMT
Date: Tue, 06 Dec 2022 23:32:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8297
Expires: Wed, 07 Dec 2022 01:50:27 GMT
Date: Tue, 06 Dec 2022 23:32:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8297
Expires: Wed, 07 Dec 2022 01:50:27 GMT
Date: Tue, 06 Dec 2022 23:32:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8297
Expires: Wed, 07 Dec 2022 01:50:27 GMT
Date: Tue, 06 Dec 2022 23:32:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b079607b368263e3517dd30250f5f2af
a1b7863c70f1d501560a5b2fb4442f4835f94341
e7ed3ed2aca312d82fb017e06c6493fafffff9a603d1498c9c05355c08b444e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5913
x-amzn-requestid: 355ca338-7d8e-4a60-a491-0509d0ff32d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirF3DIAMF-vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5bff7b5b3984102e1ef0e737;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RlnA4SSUIbIVtGBxqBtabKw58aXWE-jGIKLZ4DnoTiGzvH5bzBOUbA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "a1b7863c70f1d501560a5b2fb4442f4835f94341"
content-type: image/jpeg
age: 5691
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 08:32:46 GMT
age: 53964
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fo3lMa6shsclTxMwkqU7b-FdfADL1J2vHt8BNpEImo0gsmmI01BNTQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 10:08:58 GMT
age: 48192
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg
34.120.237.76 200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cefc5a863db79a7a8acd7366322ea34d
ec084f21bd0bcf5c101366e5732421835b3230d3
ee5a022da888181060a9d4ac8ab18fb8e35143b5f046f905d38553b9552f0bbb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3175
x-amzn-requestid: 3b5ffd5c-a8a5-40d8-b370-c13b0da5f543
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csXJEF0hIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6bd3-40d73fc5702a607c4ef71574;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gNK10oIddAZwVCL8NzMqRxFQcLA2VOGXu5y-Pk77re_DWmyeTugluQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:47:31 GMT
age: 67479
etag: "ec084f21bd0bcf5c101366e5732421835b3230d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/27/dmm7535.jpg
45.89.209.74 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/27/dmm7535.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/27/dmm7535.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:50 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/27/dmm7535.jpg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6f4dd03deb6114fec01808b034a711c
c74d29bba44dbb09158da4b9e1b490112c7db915
ddc6721d8a42821c458cf6d5c64ebd10ca0002c95a275be1732cd9ade7bf1b6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10567
x-amzn-requestid: b9b16cdf-bfa2-4e3c-b00f-1704dd3473d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgIC6EgLoAMF3hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638986df-3945eea57676d3f91f8f2b3c;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 05:02:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jq1EHQBqVeb9KBozcSUpieXUDHhouxr6YkJrhiqqZ4VP1ZwPV6LHEA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:36:00 GMT
age: 3370
etag: "c74d29bba44dbb09158da4b9e1b490112c7db915"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b89a7fe1080499e4f7171f962b57fec4
62ef59be034071e667e3476ea0740077c86778c1
e17432ce6af0006ba36fd43e13c56c1bd1dd9b1d1bc250309bc2731ac8f52abb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8906
x-amzn-requestid: 453c8d4f-205d-46ac-8d24-1c9849d71419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvmAyEMnoAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb6d1-7b5051335073a5d2339e02e1;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:40:33 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2LpJmaGp8UzaZHqa9WtCTvFq0oQYOVNAdKBdYHURf2d2v5fh7j44uQ==
via: 1.1 e124ba8d7ba1d81e2fdc59ac89f11b70.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
age: 5691
etag: "62ef59be034071e667e3476ea0740077c86778c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fmlb.netlbtu.com/images/2021/7/28/dmm7546.jpg
45.89.209.74 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/28/dmm7546.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/28/dmm7546.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:50 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/28/dmm7546.jpg
fmlb.netlbtu.com/images/2021/7/28/dmm7544.jpg
45.89.209.74 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/28/dmm7544.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/28/dmm7544.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:50 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/28/dmm7544.jpg
fmlb.netlbtu.com/images/2021/7/26/dmm7529.jpg
45.89.209.74 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/26/dmm7529.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/26/dmm7529.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:50 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/26/dmm7529.jpg
fmlb.netlbtu.com/images/2021/7/26/dmm7528.jpg
45.89.209.74 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/26/dmm7528.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/26/dmm7528.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:50 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/26/dmm7528.jpg
142.0.142.59/js/1/1.js
142.0.142.59 200 OK 1.8 kB IP 142.0.142.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (456), with CRLF line terminators
Hash d8a4850daa16dea414d856efaa3b7d5f
53821c1f133b405895c9708880ba6bac15a64627
25da0cd0b4dbd4759a17f0f39ec13add775c64c67811a585a0d4e748d0b50d95
Analyzer Verdict Alert quad9 Sinkholed
GET /js/1/1.js HTTP/1.1
Host: 142.0.142.59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 13:17:04 GMT
Accept-Ranges: bytes
ETag: "08efddab8d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:22 GMT
Content-Length: 1825
fmlb.netlbtu.com/images/2021/7/27/dmm7539.jpg
45.89.209.74 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/27/dmm7539.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/27/dmm7539.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:50 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/27/dmm7539.jpg
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash fe08ed479941da149a9147a1f1be15e5
396ed00bbce3349d0de24fa67c0d41f6e1179b95
b48cf6cb1add26a97f894899c87b05eeb9151249112346ed9d0c91f2729e6c7a
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:32:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Dec 2022 20:28:48 GMT
ETag: "396ed00bbce3349d0de24fa67c0d41f6e1179b95"
Last-Modified: Tue, 06 Dec 2022 20:28:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 549
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7758d1be3e6cb529-OSL
fmlb.netlbtu.com/images/2021/7/28/dmm7552.jpg
45.89.209.74 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/28/dmm7552.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/28/dmm7552.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:51 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/28/dmm7552.jpg
fmlb.netlbtu.com/images/2021/7/28/dmm7551.jpg
45.89.209.74 301 Moved Permanently 239 B URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/28/dmm7551.jpg
IP 45.89.209.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 67194376ec810b1466000b45b043ab94
b5b0840425f5602244750801336e7e8b9efd022f
39e3595d59216b98e54c6f089954d1397d9eb7f75a2a85914881cec2eef07164
GET /images/2021/7/28/dmm7551.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:51 GMT
Content-Type: text/html
Content-Length: 239
Connection: keep-alive
Location: https://fmlb.netlbtu.com/images/2021/7/28/dmm7551.jpg
www.dongtaitu.com/favicon.ico
107.149.149.77 200 OK 1.2 kB URL HTTP/1.1 www.dongtaitu.com/favicon.ico
IP 107.149.149.77:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7ef1f0a0093460fe46bb691578c07c95
2da3ffbbf4737ce4dae9488359de34034d1ebfbd
4c62eef22174220b8655590a77b27957f3518b4c3b7352d0b64263b80e728f2c
GET /favicon.ico HTTP/1.1
Host: www.dongtaitu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.dongtaitu.com/index.php
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 23:32:22 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Fri, 01 Jul 2011 08:14:23 GMT
Connection: keep-alive
ETag: "4e0d81df-47e"
Expires: Sun, 11 Dec 2022 23:32:22 GMT
Cache-Control: max-age=432000
Accept-Ranges: bytes
142.0.142.59/js/1/dh1.js
142.0.142.59 404 Not Found 1.2 kB IP 142.0.142.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
Analyzer Verdict Alert quad9 Sinkholed
GET /js/1/dh1.js HTTP/1.1
Host: 142.0.142.59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:22 GMT
Content-Length: 1163
142.0.142.59/js/1/dh.js
142.0.142.59 200 OK 623 B IP 142.0.142.59:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 509bd615fbb2401bb3275c2a5a21d48f
6784e961ee479b2ec890f83b3f458f701eec2906
17877ef7d84c2944f3a5acc3bd1b6b08b701a83db22258b44d7b3b9e06808e08
Analyzer Verdict Alert quad9 Sinkholed
GET /js/1/dh.js HTTP/1.1
Host: 142.0.142.59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 19 Nov 2022 19:36:19 GMT
Accept-Ranges: bytes
ETag: "23bdeb324efcd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:23 GMT
Content-Length: 623
dvcasha2.ocsp-certum.com/
23.36.79.10 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 0389554b2d681b9cfd3d81272fe75b39
74b4966ad4511ce2cb1e4bd3eef765943e793ff6
5ce3f012641c1161d4bf394cd2a8c07577cc1072ec22c2105028adfb6b05236f
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=3
Date: Tue, 06 Dec 2022 23:32:10 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.10 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 0389554b2d681b9cfd3d81272fe75b39
74b4966ad4511ce2cb1e4bd3eef765943e793ff6
5ce3f012641c1161d4bf394cd2a8c07577cc1072ec22c2105028adfb6b05236f
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=3
Date: Tue, 06 Dec 2022 23:32:10 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.10 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 0389554b2d681b9cfd3d81272fe75b39
74b4966ad4511ce2cb1e4bd3eef765943e793ff6
5ce3f012641c1161d4bf394cd2a8c07577cc1072ec22c2105028adfb6b05236f
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=3
Date: Tue, 06 Dec 2022 23:32:10 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.10 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 0389554b2d681b9cfd3d81272fe75b39
74b4966ad4511ce2cb1e4bd3eef765943e793ff6
5ce3f012641c1161d4bf394cd2a8c07577cc1072ec22c2105028adfb6b05236f
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=3
Date: Tue, 06 Dec 2022 23:32:10 GMT
Connection: keep-alive
dvcasha2.ocsp-certum.com/
23.36.79.10 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.10:0
ASN #20940 Akamai International B.V.
Hash 0389554b2d681b9cfd3d81272fe75b39
74b4966ad4511ce2cb1e4bd3eef765943e793ff6
5ce3f012641c1161d4bf394cd2a8c07577cc1072ec22c2105028adfb6b05236f
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=3
Date: Tue, 06 Dec 2022 23:32:10 GMT
Connection: keep-alive
142.0.142.59/js/1/2.js
142.0.142.59 200 OK 586 B IP 142.0.142.59:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash c694c574feaeb409e3749f808c16bf1d
b12339ba0dab3de29b95335f62d034756473bfe2
0e716fcf0315be921f8a9e9978d5d6b873c19768a23b80a4a740e79f40496467
Analyzer Verdict Alert quad9 Sinkholed
GET /js/1/2.js HTTP/1.1
Host: 142.0.142.59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 26 Nov 2022 09:07:35 GMT
Accept-Ranges: bytes
ETag: "28b6986761d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:23 GMT
Content-Length: 586
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1158faed4625fc55b0bc4a46c4f4ef2e
a30969f8ef81a4bd318231d7fd6f6f3fe8567073
78d65d9154a7087a02158c9c238ccaddb0627434f067d0d2dbc2ce1f86b6d786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78D65D9154A7087A02158C9C238CCADDB0627434F067D0D2DBC2CE1F86B6D786"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9370
Expires: Wed, 07 Dec 2022 02:08:21 GMT
Date: Tue, 06 Dec 2022 23:32:11 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 870297c53111e48331371df0ee3a1e7d
062832114a906e78cbb218ed329de7e99ee28e22
94677a4305d0ae6090eb32d3f9e3df202975e215328c5132df63a992090c9a41
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:32:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 08:52:34 GMT
Expires: Tue, 13 Dec 2022 08:52:33 GMT
Etag: "062832114a906e78cbb218ed329de7e99ee28e22"
Cache-Control: max-age=551421,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758d1c0b86efac8-OSL
js.users.51.la/21469531.js
103.143.19.103 200 OK 2.3 kB URL HTTP/1.1 js.users.51.la/21469531.js
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
File type ASCII text, with very long lines (4898)
Hash 1a2fce3554737330b5c2691a06a738ad
2c8f4829ab1a1cd1377a6ba1ad2d92a09a64e215
87ab4316294e6384762fa4d12b1bdd675dcdab11baabbe8919075ebba74e32dc
GET /21469531.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.dongtaitu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: CloudWAF
Date: Tue, 06 Dec 2022 23:32:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=1f75b265e2ee78faddd; path=/
Set-Cookie: HWWAFSESTIME=1670369528807; path=/
Cache-Control: max-age=360000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
137.175.91.7/template/m1938pc/images/video-play.png
137.175.91.7 200 OK 1.6 kB URL HTTP/1.1 137.175.91.7/template/m1938pc/images/video-play.png
IP 137.175.91.7:0
File type PNG image data, 42 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash be7ca0a4a7c0317398a11162b1e09b75
5dbe6a02524cfbf5f5111478a71f91a9259056b5
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
Analyzer Verdict Alert quad9 Sinkholed
GET /template/m1938pc/images/video-play.png HTTP/1.1
Host: 137.175.91.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/template/m1938pc/css/zui.css
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Sun, 24 Jan 2021 07:28:46 GMT
Accept-Ranges: bytes
ETag: "4062fb8c22f2d61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:10 GMT
Content-Length: 1567
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash fb3a27c1a3250ae93197528d984e4311
88fdf5d250c3b8e76abc9f451c5fafe2571a5a3a
a923962049c629f21875c9f3172bb7177f0622fd185988779636448e631475d1
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:32:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 10 Dec 2022 20:37:54 GMT
ETag: "88fdf5d250c3b8e76abc9f451c5fafe2571a5a3a"
Last-Modified: Tue, 06 Dec 2022 20:37:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2738
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7758d1c23874b511-OSL
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash c0e0b60f82d2fb18adcfca90fa1f158a
40c606ddddbca03999d4a177d283d0c6b1d01af4
79f8115169b4963c56f64080ccd0ed1301a7be17bd738dfad6a36aba85d8c524
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79F8115169B4963C56F64080CCD0ED1301A7BE17BD738DFAD6A36ABA85D8C524"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9046
Expires: Wed, 07 Dec 2022 02:02:57 GMT
Date: Tue, 06 Dec 2022 23:32:11 GMT
Connection: keep-alive
142.0.142.59/js/1/3.js
142.0.142.59 200 OK 0 B IP 142.0.142.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /js/1/3.js HTTP/1.1
Host: 142.0.142.59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Mon, 20 Jul 2020 15:47:39 GMT
Accept-Ranges: bytes
ETag: "2c8fb418ad5ed61:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:23 GMT
Content-Length: 0
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 7d6b07269b6c5dc3843e7baf9e04dd4d
f4a2a6f40c7c96689be9d841a9b0d8460acdd30e
dd6bea36768d1384d4b9369a15f8b32795438e2c6a32e762ec85baef835604f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3730
Cache-Control: max-age=87523
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:32:11 GMT
Etag: "638e754c-116"
Expires: Wed, 07 Dec 2022 23:50:54 GMT
Last-Modified: Mon, 05 Dec 2022 22:48:44 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
142.0.142.59/js/1/xuanfu.js
142.0.142.59 200 OK 673 B URL HTTP/1.1 142.0.142.59/js/1/xuanfu.js
IP 142.0.142.59:0
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash c44813aac9ba3139d34014cfb89aa794
00e52974e58ef47fbd4fdc8d2822067ab9160898
023e5e6f84fb233b446212b1fd805d64d1bc6f13a54af4b9b062748e0d5432cb
Analyzer Verdict Alert quad9 Sinkholed
GET /js/1/xuanfu.js HTTP/1.1
Host: 142.0.142.59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://137.175.91.7/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 19 Nov 2022 07:14:43 GMT
Accept-Ranges: bytes
ETag: "52bce99e6fbd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Tue, 06 Dec 2022 23:32:23 GMT
Content-Length: 673
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fc4947265eb0418d58c516275efa486c
ebc19b237f4554f46d348e2232c21440b35bda70
dc64bf4b5d01cc44d13d8a8d90dc08cda22e27f245e5b7f023fe0120d9388d6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC64BF4B5D01CC44D13D8A8D90DC08CDA22E27F245E5B7F023FE0120D9388D6C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4262
Expires: Wed, 07 Dec 2022 00:43:13 GMT
Date: Tue, 06 Dec 2022 23:32:11 GMT
Connection: keep-alive
fmlb.netlbtu.com/images/2021/7/26/dmm7529.jpg
45.89.209.74 200 OK 145 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/26/dmm7529.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x500, components 3\012- data
Size 145 kB (144988 bytes)
Hash fad0ca67b0135bb5d47ebcc43415c0e3
0a32525f4ac138caa76bf79e1ed71043bbc53b2f
8cfcccadd4707b0ea30b41b0ec7affb445aabc5dbd6c53e6181923e661a6f4c4
GET /images/2021/7/26/dmm7529.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://137.175.91.7/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:51 GMT
Content-Type: image/jpeg
Content-Length: 144988
Last-Modified: Fri, 25 Nov 2022 12:39:33 GMT
Connection: keep-alive
ETag: "6380b785-2365c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/26/dmm7528.jpg
45.89.209.74 200 OK 140 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/26/dmm7528.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x500, components 3\012- data
Size 140 kB (139626 bytes)
Hash 49d8cbc477fff1d86dca23fcd5260a5b
04ed375f0f7da2dc9f8e28448828d349566245cc
f2c363eeb84eedc447813ed664bdf9a76c5b064483de676ad0ca42e3bae287d8
GET /images/2021/7/26/dmm7528.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://137.175.91.7/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:51 GMT
Content-Type: image/jpeg
Content-Length: 139626
Last-Modified: Fri, 25 Nov 2022 13:11:07 GMT
Connection: keep-alive
ETag: "6380beeb-2216a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/27/dmm7535.jpg
45.89.209.74 200 OK 203 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/27/dmm7535.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 203 kB (202644 bytes)
Hash a41efb67b881ba9c30a13989ba169970
ce1f3c4edde2b5159e7ff387f228c082461daaf5
6fcbb97d3629b4d525dda8525850d0642404ca0744a7945492be0dbea3d17e0d
GET /images/2021/7/27/dmm7535.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://137.175.91.7/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:51 GMT
Content-Type: image/jpeg
Content-Length: 202644
Last-Modified: Fri, 25 Nov 2022 12:40:57 GMT
Connection: keep-alive
ETag: "6380b7d9-31794"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/28/dmm7546.jpg
45.89.209.74 200 OK 164 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/28/dmm7546.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 164 kB (163506 bytes)
Hash 2a0ac22d32b26c22818354174e4f9de2
4671057819887896da2c5df61fc8eac18fd4efb1
2b2ffad42ef1b2cbf9624d9ad8f3e7d865952ad3a8e7c76e801bf25ab1faffd2
GET /images/2021/7/28/dmm7546.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://137.175.91.7/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:51 GMT
Content-Type: image/jpeg
Content-Length: 163506
Last-Modified: Fri, 25 Nov 2022 13:36:12 GMT
Connection: keep-alive
ETag: "6380c4cc-27eb2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/28/dmm7544.jpg
45.89.209.74 200 OK 208 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/28/dmm7544.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x538, components 3\012- data
Size 208 kB (207722 bytes)
Hash 3fa327c60d61cd4a189895fb2bb54d41
1d83e0a028a25af87051c52d8f8f261de9d90b03
0d610f8293279a1f6cf12fa05177f50207925d0c58432294eb323db6a338187e
GET /images/2021/7/28/dmm7544.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://137.175.91.7/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:51 GMT
Content-Type: image/jpeg
Content-Length: 207722
Last-Modified: Fri, 25 Nov 2022 12:43:03 GMT
Connection: keep-alive
ETag: "6380b857-32b6a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
678tktp.com/tp/960x60.gif
154.83.24.157 200 OK 42 kB URL HTTP/1.1 678tktp.com/tp/960x60.gif
IP 154.83.24.157:0
File type GIF image data, version 89a, 960 x 60\012- data
Hash 4fd9de737ce6698fb5c3a0eb52ed3cdf
da1fc841a82ddbfcee0dde9dd50b34acad24ce50
03cae438deedf1f1eb905ac79daef3fa63b8a45c51c9fbbe8164e7df0ac4a58c
GET /tp/960x60.gif HTTP/1.1
Host: 678tktp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Tue, 06 Dec 2022 23:32:11 GMT
Content-Type: image/gif
Content-Length: 41618
Connection: keep-alive
Last-Modified: Mon, 07 Nov 2022 04:31:47 GMT
ETag: "63688a33-a292"
Expires: Thu, 05 Jan 2023 16:21:11 GMT
Cache-Control: max-age=2592000
Via: 154.83.24.154
CDN-Cache: HIT
Accept-Ranges: bytes
362728tdg.com/a8a31e83250344dd8517d9ec4e64e0bf.gif
103.170.15.100 200 OK 407 kB URL HTTP/1.1 362728tdg.com/a8a31e83250344dd8517d9ec4e64e0bf.gif
IP 103.170.15.100:0
ASN #7483 Skycloud Computing co., Ltd.
File type GIF image data, version 89a, 960 x 70\012- data
Size 407 kB (407200 bytes)
Hash 3a2a02fe192865c46b4ea1b57711d35d
10d02c2e54d809ceeed42839991a8b2efa59c573
0b600e3355c823c5669f8338ff521c9b3790de0c3bb051bf24b19fc644821c6d
Analyzer Verdict Alert quad9 Sinkholed
GET /a8a31e83250344dd8517d9ec4e64e0bf.gif HTTP/1.1
Host: 362728tdg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=604800
ETag: "636ca97b-636a0"
Date: Sat, 12 Nov 2022 13:40:52 GMT
Content-Type: image/gif
Server: nginx
Last-Modified: Thu, 10 Nov 2022 07:34:19 GMT
Accept-Ranges: bytes
X-Cache: HIT from yd11_13-cdn-g01-la2-30
Content-Length: 407200
fmlb.netlbtu.com/images/2021/7/28/dmm7551.jpg
45.89.209.74 200 OK 152 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/28/dmm7551.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 152 kB (151730 bytes)
Hash 19a4b5724697e49abae511152803ec21
634d07828b25cd07e3562340e908dee8a602d55b
dd4d7807404bd272d7ef416013bbc62ca08b603d022f2d454a3154a9101463d9
GET /images/2021/7/28/dmm7551.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://137.175.91.7/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:52 GMT
Content-Type: image/jpeg
Content-Length: 151730
Last-Modified: Fri, 25 Nov 2022 14:10:41 GMT
Connection: keep-alive
ETag: "6380cce1-250b2"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/27/dmm7539.jpg
45.89.209.74 200 OK 180 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/27/dmm7539.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x505, components 3\012- data
Size 180 kB (179681 bytes)
Hash cac94ffff3ae6ab47c8d8aea061c6894
8ac898ccce86ec1debaa07e6b8600da928082930
13881f3cabe197c7ab7a0f44ecc2aa2a518222df135fe77f5808c0a481273a7f
GET /images/2021/7/27/dmm7539.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://137.175.91.7/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:51 GMT
Content-Type: image/jpeg
Content-Length: 179681
Last-Modified: Fri, 25 Nov 2022 12:39:58 GMT
Connection: keep-alive
ETag: "6380b79e-2bde1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmlb.netlbtu.com/images/2021/7/28/dmm7552.jpg
45.89.209.74 200 OK 170 kB URL HTTP/1.1 fmlb.netlbtu.com/images/2021/7/28/dmm7552.jpg
IP 45.89.209.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x536, components 3\012- data
Size 170 kB (169777 bytes)
Hash 8648565ac68d2bb55e871104ade4d0af
d8f3deecdfcc5733c99c56ff7913a632edf056d9
16ab59b85b6982e45eb8ad13f645e33fd569eb247cce9c03e77b8843ab7d20a7
GET /images/2021/7/28/dmm7552.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://137.175.91.7/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Wed, 07 Dec 2022 07:31:52 GMT
Content-Type: image/jpeg
Content-Length: 169777
Last-Modified: Fri, 25 Nov 2022 12:41:17 GMT
Connection: keep-alive
ETag: "6380b7ed-29731"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 0a2d079aba514cb1f2e4fa7350095835
42a0f36117103b4b51269a081d653ddec662ffac
a8ace68f7887c0d201c14260cd2530d141ce277ca8497546bde48e3bd6c25350
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6187
Cache-Control: max-age=86759
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:32:12 GMT
Etag: "638e68b8-2d7"
Expires: Wed, 07 Dec 2022 23:38:11 GMT
Last-Modified: Mon, 05 Dec 2022 21:55:04 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash 0a2d079aba514cb1f2e4fa7350095835
42a0f36117103b4b51269a081d653ddec662ffac
a8ace68f7887c0d201c14260cd2530d141ce277ca8497546bde48e3bd6c25350
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6187
Cache-Control: max-age=86759
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:32:12 GMT
Etag: "638e68b8-2d7"
Expires: Wed, 07 Dec 2022 23:38:11 GMT
Last-Modified: Mon, 05 Dec 2022 21:55:04 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 727
img.1129555.com/images/6381d61bfbdac46b425ad62c.gif
185.239.226.87 302 Found 563 kB URL HTTP/2 img.1129555.com/images/6381d61bfbdac46b425ad62c.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
File type GIF image data, version 89a, 960 x 60\012- data
Size 563 kB (562743 bytes)
Hash 120c390885d4580ed7abf5cd4b05575c
8047093c9889d5b496b56f6897d9d236b400391d
e601fe42e878a2fc13495d1184da984f92af228b686de71efdf9ca6e95abbf76
GET /images/6381d61bfbdac46b425ad62c.gif HTTP/1.1
Host: img.1129555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9416316e654540bd88d2f9055f9ff048
X-Firefox-Spdy: h2
p3.douyinpic.com/obj/tos-cn-i-dy/9e0cafd55375400ebd591988573f0a63
47.246.44.228 200 OK 851 kB URL HTTP/2 p3.douyinpic.com/obj/tos-cn-i-dy/9e0cafd55375400ebd591988573f0a63
IP 47.246.44.228:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type GIF image data, version 89a, 960 x 120\012- data
Size 851 kB (850553 bytes)
Hash 2095c1e8f1e570a7991da9a94ab6b8e0
c7bf2e7e17d0251942ae670eaf6e99f86bf4fe25
ce58136edb4867b2190cde4921693c606fd7faa1665095569f9cfa0e46dcf3d2
GET /obj/tos-cn-i-dy/9e0cafd55375400ebd591988573f0a63 HTTP/1.1
Host: p3.douyinpic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 850553
date: Mon, 05 Dec 2022 12:15:21 GMT
cache-control: max-age=31536000
imagex-fmt: gif2gif
last-modified: Mon, 05 Dec 2022 11:42:43 GMT
nw-session-id: 202212051942430101750942094CC9457Emg67w03dy
nw-session-trace: 2022-12-05T19:42:43.562842529+08:00 40
x-bdcdn-cache-status: TCP_HIT
x-length: 850553
x-powered-by: ImageX
x-response-date: Mon, 05 Dec 2022 19:42:43 GMT
x-tt-logid: 202212051942430101750942094CC9457E
via: n150-055-208, cache2.l2de2[0,0,206-0,H], cache8.l2de2[1,0], cache8.l2de2[1,0], cache2.se1[0,0,200-0,H], cache1.se1[0,0]
x-request-ip: fdbd:dc02:20:306::101
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
x-response-cinfo: 91.90.42.154
x-response-cache: edge_hit
server-timing: cdn-cache;desc=HIT,edge;dur=0
x-tt-trace-host: 013bf24fed8673b8d562acc5eb962bb3c85e56ff6cf69a8858b7c945930e0bda9f65138b6b9e7f4ece9973fcc4c7a26f67b7fec2da17b729b74adb9f2ad7eadce13b3c831ec533dc51f0fb7a18591e5bc8aae687d5685b887466281e93e3fc835e
x-response-lb: image
ali-swift-global-savetime: 1670242521
age: 127011
x-cache: HIT TCP_MEM_HIT dirn:11:352661748 mlen:0
x-swift-savetime: Mon, 05 Dec 2022 12:32:26 GMT
x-swift-cachetime: 31534975
timing-allow-origin: *, *
access-control-allow-origin: *
eagleid: 2ff62c9516703695322731138e
X-Firefox-Spdy: h2
taiwtp1.com/img/96080.gif
220.128.218.220 200 OK 73 kB URL HTTP/2 taiwtp1.com/img/96080.gif
IP 220.128.218.220:0
ASN #3462 Data Communication Business Group
File type GIF image data, version 89a, 960 x 80\012- data
Hash 3786e56d6d1ab748179b5cdcc97e0dc1
a1fabf9e794492452aeddae395618e245e892805
830e9e2171ca93ba4618970ee447880c54d99edc65aa4b26fa4e02c2fb963982
GET /img/96080.gif HTTP/1.1
Host: taiwtp1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 23:29:40 GMT
content-type: image/gif
content-length: 73157
last-modified: Thu, 07 Apr 2022 05:41:32 GMT
etag: "624e798c-11dc5"
expires: Thu, 05 Jan 2023 23:29:40 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 197ef32d65e8677ca87c6f3ae5ec8954
41f9af8c4e9216406b94e7608d75c21ea61c508f
01bb61a205b1b4071a7baccdb0c22b07cb58f0a36979d995055142a398a8e1b9
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:32:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 18:50:26 GMT
Expires: Sat, 10 Dec 2022 18:50:25 GMT
Etag: "41f9af8c4e9216406b94e7608d75c21ea61c508f"
Cache-Control: max-age=328092,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758d1c97b9efac8-OSL
zerossl.ocsp.sectigo.com/
172.64.155.188 200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash d6b4ff5fcf787a606f071cf18157939d
310e91e9238d0cad3bfdef9ff9afd25c212174f8
a93a6c29ebe86701bd46d02fed70c7770afc87e838049d00aa6ab3a6648ec15f
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:32:12 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 10:57:28 GMT
Expires: Mon, 12 Dec 2022 10:57:27 GMT
Etag: "310e91e9238d0cad3bfdef9ff9afd25c212174f8"
Cache-Control: max-age=472514,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7758d1c84ad8b512-OSL
p.qlogo.cn/qqmail_head/PiajxSqBRaELqPahYLFZH9ouhuYRQGvOE6Jpic2zTvndUd2fLK5VTTWuF3XXEic6vI1DJGhfs86jaA/0
43.129.255.47 200 OK 331 kB URL HTTP/2 p.qlogo.cn/qqmail_head/PiajxSqBRaELqPahYLFZH9ouhuYRQGvOE6Jpic2zTvndUd2fLK5VTTWuF3XXEic6vI1DJGhfs86jaA/0
IP 43.129.255.47:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /qqmail_head/PiajxSqBRaELqPahYLFZH9ouhuYRQGvOE6Jpic2zTvndUd2fLK5VTTWuF3XXEic6vI1DJGhfs86jaA/0 HTTP/1.1
Host: p.qlogo.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Qnginx/1.4.4
date: Tue, 06 Dec 2022 23:32:11 GMT
content-type: image/gif
content-length: 331043
vary: Accept,Origin
last-modified: Tue, 08 Nov 2022 23:42:24 GMT
cache-control: max-age=2592000
x-delay: 205 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 2
x-reqgue: 0
size: 331043
chid: 0
fid: 0
x-nws-log-uuid: 73b09fee-bc9e-447c-a444-309fc73101f6
X-Firefox-Spdy: h2
images.weserv.nl/?url=https://i0.hdslb.com/bfs/album/f990b0233284db5fdf873711e8bb95aae6ed605f.gif
104.26.6.7 200 OK 34 kB URL HTTP/2 images.weserv.nl/?url=https://i0.hdslb.com/bfs/album/f990b0233284db5fdf873711e8bb95aae6ed605f.gif
IP 104.26.6.7:0
File type GIF image data, version 89a, 950 x 100\012- data
Hash 94a1ed1c9869c62c1b2ecbadd6292e74
c6173fdfe04f5ea2cdd6c5b7f87268876813cc52
bb26f09e758656ea215d3ee14406b548af272ab016232d44efdbce712390982f
GET /?url=https://i0.hdslb.com/bfs/album/f990b0233284db5fdf873711e8bb95aae6ed605f.gif HTTP/1.1
Host: images.weserv.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://137.175.91.7/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:13 GMT
content-type: image/gif
content-length: 33902
content-disposition: inline; filename=image.gif
link: <https://i0.hdslb.com/bfs/album/f990b0233284db5fdf873711e8bb95aae6ed605f.gif>; rel="canonical"
expires: Sat, 02 Dec 2023 02:25:04 GMT
cache-control: public, max-age=31536000
x-upstream-response-length: 252002
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
timing-allow-origin: *
x-images-api: 5
x-cache-status: MISS
last-modified: Fri, 02 Dec 2022 02:25:04 GMT
cf-cache-status: HIT
age: 27589
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsHsU0oI6uMqJ52gy%2BSNbMfyZAOMsvuN8H6QhQNLa5btW4%2BN10JM%2BrqkquJjdmn8pBWFk4ahegFK7FEBE4pwz%2BCZ6iGSo1EyZIAZjGdiCDE20Wq58uRd1YoIfybiinDwuRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7758d1c288c0b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 7d6b07269b6c5dc3843e7baf9e04dd4d
f4a2a6f40c7c96689be9d841a9b0d8460acdd30e
dd6bea36768d1384d4b9369a15f8b32795438e2c6a32e762ec85baef835604f1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3732
Cache-Control: max-age=87523
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 23:32:13 GMT
Etag: "638e754c-116"
Expires: Wed, 07 Dec 2022 23:50:56 GMT
Last-Modified: Mon, 05 Dec 2022 22:48:44 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 278
n0611.com/9ced927796924d66b36802260eb53319.gif
20.222.165.74 200 OK 206 kB URL HTTP/1.1 n0611.com/9ced927796924d66b36802260eb53319.gif
IP 20.222.165.74:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 960 x 100\012- data
Size 206 kB (206481 bytes)
Hash db73ec03627030bd09b0d06241d16b8f
814810ba141676acc47591bea04a793206c6a342
bedc95532f2d7584b2d8ae36c482bba52bda15c305681a40a6af78f3a7e4a5df
GET /9ced927796924d66b36802260eb53319.gif HTTP/1.1
Host: n0611.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 23:32:12 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 13 Nov 2022 10:36:12 GMT
ETag: W/"6370c89c-5d77a"
Server: WAF/2.4-12.1
X-Cache-Status: HIT
Content-Encoding: gzip
8499133.com/8499/960x60.gif
172.247.50.227 200 OK 331 kB URL HTTP/2 8499133.com/8499/960x60.gif
IP 172.247.50.227:0
File type GIF image data, version 89a, 960 x 60\012- data
Size 331 kB (331043 bytes)
Hash 09f29e56330449942571a66f47f82fb5
30fc3421671176f6f724f32ee910470f03661ddc
b1a0f29b0a924b51c844351bddb87fddf9fa4ef5909f69f818e968f18413a725
GET /8499/960x60.gif HTTP/1.1
Host: 8499133.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 23:32:13 GMT
content-type: image/gif
content-length: 331043
last-modified: Wed, 09 Nov 2022 06:22:39 GMT
etag: "50d23-5ed03aef4304d"
server: qq.com
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: 31270e51-34df-4980-9221-e21a5521b3de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clZQYHzvoAMFvdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ba268-509300b867fcbfb71a7cf6ad;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 19:24:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xk1sLSRBl1t872eGrnw1dVjQO7XvAM4NDFd5Y0wKjdvkKtaqDneEKg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:54 GMT
age: 5423
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img.1137555.com/images/638ded7309ca91e002014597.gif
185.239.226.87 302 Found 0 B URL HTTP/2 img.1137555.com/images/638ded7309ca91e002014597.gif
IP 185.239.226.87:0
ASN #134835 Starry Network Limited
GET /images/638ded7309ca91e002014597.gif HTTP/1.1
Host: img.1137555.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
referrer-policy: no-referrer
cache-control: max-age=3600
location: https://p3.douyinpic.com/obj/tos-cn-i-dy/9e0cafd55375400ebd591988573f0a63
X-Firefox-Spdy: h2
www.hualigs.cn/image/622c574ddd73a.jpg
23.224.179.146 302 Found 0 B URL HTTP/2 www.hualigs.cn/image/622c574ddd73a.jpg
IP 23.224.179.146:0
GET /image/622c574ddd73a.jpg HTTP/1.1
Host: www.hualigs.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://137.175.91.7/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Dec 2022 23:32:11 GMT
content-type: text/html; charset=utf-8
location: https://images.weserv.nl/?url=https://i0.hdslb.com/bfs/album/f990b0233284db5fdf873711e8bb95aae6ed605f.gif
cache-control: max-age=259200
x-powered-by: PHP/9.9
author: Hidove/Ivey
home-page: www.hidove.cn
e-mail: loliconla@qq.com
set-cookie: hidove_lang=en-us; path=/
set-cookie: HIDOVE_SESSID=46290eb3435a1c722c051c04920f0917; path=/
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2